Linux: priv required for TA_IsGenuineEx w/ TA_SYSTEM

Hi,

In our application, we use the C++ API and the TA_SYSTEM flag. We require that users perform most licensing operations as a privileged user.

However, we (currently) don't require privilege when running TA_IsGenuineEx.

We've been seeing a couple of issues with this configuration:

- there are rare cases in which TA_IsGenuineEx returns different things depending on whether it is run with privilege (apparently due to permissions on the hidden folders it uses to store license state)

- there are rare cases in which TA_IsGenuineEx starts failing after a couple of months, even when the license is valid (this appears to be around the time the license would need to be re-verified, leading us to believe that perhaps privilege is required to verify and/or mark the license as verified)

So, the question: is it reasonable to try to run TA_IsGenuineEx without privilege, or does using TA_SYSTEM imply that we should always run it with privileges?

Hey Jonathan,

If you call TA_IsGenuineEx() as per the comments in TurboActivate.h, it sets things up so that if those files and folders aren't later modified by the end-users, you won't need to run privileged again.

However, if the end-user doesn't muck around with those files & folders, then things will start failing (usually with a simple TA_FAIL, rather than a TA_E_PERMISSION). This is the atypical case. Namely, it's the case where a customer blindly modifies the permissions of files.

In the near-ish future we'll make TA better at detecting when end-users do stupid things (thus making it easier for you to fix things and inform the end-user).

Okay, that's helpful. Thanks!

Reply
Discard post